Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Further reading

Symantec Web Isolation is a capability that the company announced on June 7 as part of the Symantec Web Security Service (WSS). The core isolation technology for both web and email threat isolation has its roots in technology that Symantec gained through its acquisition of Fireglass in July 2017.

How Email Threat Isolation Works

When a user clicks on a malicious link in an email protected by Symantec Email Threat Isolation, the link appears identical to one opened in a native (i.e., regular) browser, Wong said. However, the malicious link is executed remotely in a secure remote environment.

"This environment confines all malicious activity and only sends safe rendering information to the user," she said.

One of the most common email threat vectors is malicious attachments, which is also an area where isolation helps to limit risks. Wong explained that Email Threat Isolation remotely renders and blocks malicious downloads and documents and alerts users when a malicious download is blocked. In comparison, non-malicious downloads or documents sent via email links are also rendered remotely and opened via the browser for safe viewing by users, she said.

There is also a reporting capability for links and malware that are blocked by the Email Threat Isolation technology.

Business Email Compromise

While Email Threat Isolation can limit multiple types of email threats, that’s not the case with business email compromise (BEC). With BEC, attackers trick victims into paying fraudulent invoices. It is an increasingly lucrative attack vector, with the FBI reporting an increasing pace of financial losses in 2018.

"Business email compromise is a different issue, since these attacks do not contain a malicious link or attachment," Wong said. "Symantec stops these threats by using sophisticated impersonation controls to identify and prevent email attacks that imitate a legitimate user or domain within an organization."

Wong added that Symantec has capabilities to perform typo-squatting analysis to detect BEC attacks that use lookalike domains to trick users into falling for their scams. Symantec also aims to help block BEC attacks that directly spoof legitimate email domains by enforcing sender authentication methods.

Looking forward, Wong said Symantec is looking to move beyond email security to broader messaging security. Communications flow over a range of messaging channels, beyond traditional email, she said. Examples include business communication channels such as Slack, proprietary messaging services for Amazon and Salesforce, personal webmail (e.g., Gmail) and LinkedIn.

"We see attackers using the same tactics over these channels as core email," Wong said. "We are building integrated services to cover threats across these messaging channels, sharing intelligence between them, and reporting holistically on messaging security posture."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.